Information technology — Cloud computing — Common technologies and techniques

This document provides a description of a set of common technologies and techniques used in conjunction with cloud computing. These include: — virtual machines (VMs) and hypervisors; — containers and container management systems (CMSs); — serverless computing; — microservices architecture; — automation; — platform as a service systems and architecture; — storage services; — security, scalability and networking as applied to the above cloud computing technologies.


General Information

Status: Published
Publication Date: 10-Feb-2020
Current Stage: 6060 - International Standard published
Start Date: 11-Feb-2020
Completion Date: 11-Feb-2020


Technical specification
ISO/IEC TS 23167:2020 - Information technology -- Cloud computing -- Common technologies and techniques
English language
54 pages

Standards Content (sample)

TECHNICAL SPECIFICATION ISO/IEC TS 23167
First edition 2020-02
Information technology — Cloud computing — Common technologies and techniques
Reference number ISO/IEC TS 23167:2020(E)
ISO/IEC 2020
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Overview of common technologies and techniques used in cloud computing
5.1 General
5.2 Technologies
5.2.1 General
5.2.2 Infrastructure capabilities type of cloud services
5.2.3 Platform capabilities cloud services
5.2.4 Application capabilities type cloud services
5.3 Techniques
6 Virtual machines and hypervisors
6.1 General
6.2 Virtual machines and system virtualization
6.3 Hypervisors
6.3.1 General
6.3.2 Type I hypervisors
6.3.3 Type II hypervisors
6.4 Security of VMs and hypervisors
6.5 VM images, metadata and formats
7 Containers and container management systems (CMSs)
7.1 General
7.2 Containers and operating system virtualization
7.2.1 Description of containers
7.2.2 Container daemon
7.2.3 Container resources, isolation and control
7.3 Container images and filesystem layering
7.3.1 Image purpose and content
7.3.2 Filesystem layering
7.3.3 Container image repositories and registries
7.4 Container management systems (CMSs)
7.4.1 General
7.4.2 Common CMS capabilities
8 Serverless computing
8.1 General
8.2 Functions as a service
8.2.1 Overview
8.2.2 Functions within FaaS
8.2.3 Serverless frameworks
8.2.4 FaaS relationship to microservices and containers
8.3 Serverless databases
9 Microservices architecture
9.1 General
9.2 Advantages and challenges of microservices
9.3 Specification of microservices
9.4 Multi-layered architecture
9.5 Service mesh
9.6 Circuit breaker
9.7 API gateway
10 Automation
10.1 General
10.2 Automation of the development lifecycle
10.3 Tooling for automation
11 Architecture of PaaS systems
11.1 General
11.2 Characteristics of PaaS systems
11.3 Architecture of components running under PaaS system
12 Data storage as a service
12.1 General
12.2 Common features of DSaaS
12.3 Capabilities type of DSaaS
12.4 Significant additional capabilities of DSaaS
13 Networking in cloud computing
13.1 Key aspects of networking
13.2 Cloud access networking
13.3 Intra-cloud networking
13.4 Virtual private networks (VPNs) and cloud computing
14 Cloud computing scalability
14.1 Scalability approaches
14.2 Parallel instances and load balancing
14.3 Elasticity and automation
14.4 Database scaling
15 Security and the cloud common technologies
15.1 General
15.2 Firewalls
15.3 Endpoint protection
15.4 Identity and access management
15.5 Data encryption
15.6 Key management
Annex A (informative) VM Images and disk images
Bibliography
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.

The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents) or the IEC list of patent declarations received (see http://patents.iec.ch).

Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISO's adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.

This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 38, Cloud Computing and Distributed Platforms.

Any feedback or questions on this document should be directed to the user’s national standards body. A complete listing of these bodies can be found at www.iso.org/members.html.
Introduction

Cloud computing is described at a high, conceptual level in the two foundational standards ISO/IEC 17788[1] and ISO/IEC 17789[2].

However, as the use of cloud computing has grown, a set of commonly used technologies has grown to support, simplify and extend the use of cloud computing alongside sets of commonly used techniques which enable the effective exploitation of the capabilities of cloud services. Many of these common technologies and techniques are aimed at developers and operations staff, increasingly linked together in a unified approach called DevOps (see 10.2). The aim is to speed and simplify the creation and operation of solutions based on the use of cloud services.

This document aims to describe the common technologies and techniques which relate to cloud computing, to describe how they relate to each other and to describe how they are used by some of the roles associated with cloud computing.

This document (a Technical Specification) addresses areas that are still developing in the industry, where it is believed that there will be a future, but not immediate, need for one or more International Standards.

This document will be of primary interest to service developers in Cloud Service Providers and to standards developers working with ISO and other organizations.
TECHNICAL SPECIFICATION ISO/IEC TS 23167:2020(E)
Information technology — Cloud computing — Common technologies and techniques
1 Scope

This document provides a description of a set of common technologies and techniques used in conjunction with cloud computing. These include:
— virtual machines (VMs) and hypervisors;
— containers and container management systems (CMSs);
— serverless computing;
— microservices architecture;
— automation;
— platform as a service systems and architecture;
— storage services;
— security, scalability and networking as applied to the above cloud computing technologies.

2 Normative references

The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 22123-1:—¹⁾, Information technology — Cloud computing — Part 1: Terminology

¹⁾ To be published.

3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC 22123-1 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at http://www.iso.org/obp
— IEC Electropedia: available at http://www.electropedia.org/

3.1
guest operating system
guest OS
operating system that runs within a virtual machine
[SOURCE: ISO/IEC 21878:2018, 3.2]
3.2
host operating system
host OS
operating system onto which virtualization software is installed
Note 1 to entry: "virtualization software" can include both hypervisor and virtual machines as well as container daemon (3.4) and containers.
3.3
serverless computing
cloud service category in which the cloud service customer can use different cloud capabilities types without the cloud service customer having to provision, deploy and manage either hardware or software resources, other than providing cloud service customer application code or providing cloud service customer data
Note 1 to entry: Serverless computing provides automatic scaling with dynamic elastic allocation of resources by the cloud service provider, automatic distribution across multiple locations, and automatic maintenance and backup.
Note 2 to entry: Serverless computing functionality is triggered by one or more cloud service customer defined events and can execute for a limited time period as required to deal with each event.
Note 3 to entry: Serverless computing functionality can be invoked by direct invocation from web and mobile applications.
3.4
container daemon
software service that executes on a host operating system (3.2) and is responsible for creating, starting and stopping containers on that system
3.5
container management system
CMS
software that provides for management and orchestration of container instances
Note 1 to entry: Capabilities include initial creation and placement, scheduling, monitoring, scaling, update and the parallel deployment of capabilities such as load balancers, firewalls, virtual networks and logging.
3.6
cloud native application
application that is explicitly designed to run within and to take advantage of the capabilities and environment of cloud services
3.7
functional decomposition
type of modular decomposition in which a system is broken down into components that correspond to system functions and subfunctions
EXAMPLE Hierarchical decomposition, stepwise refinement.
[SOURCE: ISO/IEC/IEEE 24765:2017, 3.1695]
3.8
continuous deployment
software engineering approach in which teams produce software in short cycles such that the software can be released to production at any time and where deployment to production is itself automated
3.9
continuous delivery
continuous deployment (3.8) where the deployment stage is initiated manually
3.10
DevOps
methodology which combines together software development and IT operations in order to shorten the development and operations lifecycle
3.11
DevSecOps
DevOps (3.10) extended to include security capabilities as an essential and integral part of the development and operations processes
3.12
orchestration
type of composition where one particular element is used by the composition to oversee and direct the other elements
Note 1 to entry: The element that directs an orchestration is not part of the orchestration (composition instance) itself.
Note 2 to entry: See ISO/IEC 18384-3:2016, 8.3.
[SOURCE: ISO/IEC 18384-1:2016, 2.16]
3.13
virtual machine image
VM image
information and executable code necessary to run a virtual machine
3.14
virtual machine metadata
VM metadata
information about the configuration and startup of a virtual machine
3.15
microservice
independently deployable artefact providing a service implementing a specific functional part of an application
3.16
microservices architecture
design approach that divides an application into a set of microservices (3.15)
3.17
functions as a service
function as a service
FaaS
cloud service category in which the capability provided to the cloud service customer is the execution of cloud service customer application code, in the form of one or more functions that are each triggered by a cloud service customer specified event
3.18
serverless database
cloud service category in which the capability provided to the cloud service customer is a fully cloud service provider managed database made available via an application programming interface

3.19
firewall
type of security barrier placed between network environments — consisting of a dedicated device or a composite of several components and techniques — through which all traffic from one network environment traverses to another, and vice versa, and only authorized traffic, as defined by the local security policy, is allowed to pass
[SOURCE: ISO/IEC 27033-1:2015, 3.12]
3.20
container registry
component that provides the capability to store and to access container images
3.21
resource affinity
placement of two or more resources close to each other
Note 1 to entry: Closeness relates to factors such as speed of access or high bandwidth of access between the resources.
4 Symbols and abbreviated terms
API Application programming interface
CMS Container management system
CSC Cloud service customer
CSP Cloud service provider
DNS Domain name service
GUI Graphical user interface
HTTP Hypertext transfer protocol
IaaS Infrastructure as a service
IP Internet protocol
MAC Media access control
OCI Open containers initiative
OS Operating system
OVF Open virtualization format
PaaS Platform as a service
SaaS Software as a service
VPN Virtual private network
5 Overview of common technologies and techniques used in cloud computing
5.1 General

This document provides a description of a set of common technologies and techniques used in conjunction with cloud computing.

A common technology is one that is used to implement one or more of the functional components of cloud computing described in ISO/IEC 17789:2014, 9.2[2] cloud computing reference architecture. The common technologies often form part of a cloud service or are employed by the cloud service customer (CSC) when using a cloud service.

A common technique is a methodology or an approach to performing some of the activities associated with cloud computing, as described in ISO/IEC 17789:2014, 10.2.2[2]. It is typical of the common techniques to either reduce the effort needed to make use of cloud services or to enable full use of the capabilities provided by cloud services.

Many of the common technologies and techniques are used in conjunction when developing and operating cloud native applications.

The various common technologies and techniques are described in detail in the following clauses.

In what follows, text that is extracted from other standards is indicated by placing the extracted text in quotes, using italic text, and providing the exact reference at the end of the extracted text.

5.2 Technologies
5.2.1 General

The common technologies principally relate to virtualization and the control and management of virtualized resources in the development and operation of cloud native applications. A cloud native application is an application that is explicitly designed to run within and to take advantage of the capabilities and environment of cloud services. These technologies address the three primary hardware resources identified in ISO/IEC 17789:2014, 9.2.4.2[2] of processing, storage and networking but also

...
